search.safefinder.com a podobná havěť v mém PC :(

Zpráva

ave007 · #1 Příspěvek od **ave007** » 23 led 2016 18:47

Bohužel se mi do PC dostala tato havěť, prosím o pomoc.
Velmi děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sir Kubíno V at 2016-01-23 18:45:57
Microsoft Windows 8.1 Pro
System drive C: has 405 GB (85%) free of 477 GB
Total RAM: 3327 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:45:58, on 23. 1. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\system32\GWX\GWX.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Sir Kubíno V\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Sir Kubíno V.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://services.freshy.com/general/newh ... A60C61}&i=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuBUpGX7jkIirVp0281FsmaKDCol3xk6OctmtM3BbMtQK7ybrV1e79qaBQmYHTsuuz1fd2opgwZnWl1x4t1rTMMqw7xz9g,,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 111.248.193.27:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:4029407f8c2ebe5b804ea5be5590aa77] "C:\Users\SIRKUB~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\Sir Kubíno V\AppData\Roaming\Seznam.cz"
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\ProgramData\dlohn\TechIt.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: aotech - Unknown owner - C:\Program Files\aotech\aotech.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ApplicationHosting - Unknown owner - C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: dlohn - Unknown owner - C:\ProgramData\\dlohn\\dlohn.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Medlight - Unknown owner - C:\ProgramData\\Medlight\\Medlight.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

--
End of file - 9553 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d040a6fc425f51.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0907dc3042f9.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0bfa2434d2d7e.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0e18657715e98.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0f1e533b88f37.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d12e132d09f00b.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfa245a19e1c.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0e18657d31f02.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-11-10 1731800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-19 1795872]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5088456]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-26 4556048]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-09-16 6495144]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-12-17 50378880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SeznamInstall-uninstall:4029407f8c2ebe5b804ea5be5590aa77"=C:\Users\SIRKUB~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [2016-01-23 534528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\dlohn\TechIt.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-23 18:43:14 ----D---- C:\rsit
2016-01-23 17:38:20 ----D---- C:\ProgramData\dlohns
2016-01-23 17:38:05 ----D---- C:\ProgramData\dlohn
2016-01-22 13:02:24 ----D---- C:\Users\Sir Kubíno V\AppData\Roaming\Mozilla
2016-01-22 13:00:10 ----D---- C:\Program Files\Common Files\Spanlax
2016-01-22 13:00:04 ----D---- C:\Program Files\endax
2016-01-22 13:00:03 ----D---- C:\ProgramData\Medlights
2016-01-22 12:59:52 ----D---- C:\ProgramData\Medlight
2016-01-22 12:59:40 ----D---- C:\ProgramData\ApplicationHosting
2016-01-22 12:57:37 ----D---- C:\Program Files\aotech
2016-01-22 12:57:33 ----D---- C:\Program Files\Seznam.cz
2016-01-22 12:57:10 ----D---- C:\Users\Sir Kubíno V\AppData\Roaming\Seznam.cz
2016-01-13 11:23:11 ----A---- C:\WINDOWS\system32\devinv.dll
2016-01-13 11:23:11 ----A---- C:\WINDOWS\system32\aepic.dll
2016-01-13 11:23:11 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-01-13 11:23:10 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 11:23:10 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 11:23:10 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\quartz.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\evr.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 11:23:07 ----AC---- C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\mfps.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\devenum.dll
2016-01-13 11:23:05 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-01-13 11:23:04 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-01-13 11:23:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 11:23:02 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\schannel.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\ncrypt.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 11:22:52 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-01-13 11:22:35 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-01-13 11:22:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-01-13 11:22:33 ----A---- C:\WINDOWS\system32\wininet.dll
2016-01-13 11:22:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\jscript.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\qedit.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\acmigration.dll

======List of files/folders modified in the last 1 month======

2016-01-23 18:45:57 ----D---- C:\Program Files\trend micro
2016-01-23 18:45:54 ----D---- C:\WINDOWS\Temp
2016-01-23 18:45:07 ----D---- C:\WINDOWS\Prefetch
2016-01-23 18:38:40 ----D---- C:\Program Files\Opera
2016-01-23 18:38:33 ----D---- C:\WINDOWS\system32\Tasks
2016-01-23 18:29:17 ----D---- C:\WINDOWS\SoftwareDistribution
2016-01-23 18:29:17 ----D---- C:\Windows
2016-01-23 18:29:12 ----D---- C:\WINDOWS\inf
2016-01-23 18:27:55 ----RD---- C:\Program Files
2016-01-23 18:25:03 ----D---- C:\WINDOWS\debug
2016-01-23 18:02:00 ----D---- C:\WINDOWS\system32\sru
2016-01-23 17:50:03 ----D---- C:\WINDOWS\AppReadiness
2016-01-23 17:38:20 ----HD---- C:\ProgramData
2016-01-22 21:21:51 ----D---- C:\ProgramData\Origin
2016-01-22 13:02:25 ----D---- C:\Users\Sir Kubíno V\AppData\Roaming\Skype
2016-01-22 13:00:55 ----D---- C:\ProgramData\NVIDIA
2016-01-22 13:00:04 ----RD---- C:\WINDOWS\System32
2016-01-22 12:57:15 ----RSD---- C:\WINDOWS\assembly
2016-01-22 11:52:22 ----D---- C:\WINDOWS\Microsoft.NET
2016-01-22 08:15:00 ----SHD---- C:\System Volume Information
2016-01-20 11:50:08 ----D---- C:\WINDOWS\system32\config
2016-01-16 20:11:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-15 21:46:13 ----D---- C:\WINDOWS\rescache
2016-01-14 14:05:56 ----D---- C:\WINDOWS\system32\DriverStore
2016-01-14 10:56:51 ----SHD---- C:\WINDOWS\Installer
2016-01-14 10:40:40 ----D---- C:\WINDOWS\WinSxS
2016-01-14 10:40:39 ----RD---- C:\Program Files\Skype
2016-01-13 19:07:17 ----SD---- C:\WINDOWS\system32\CompatTel
2016-01-13 19:07:17 ----D---- C:\WINDOWS\system32\appraiser
2016-01-13 19:07:17 ----D---- C:\WINDOWS\apppatch
2016-01-13 19:07:16 ----D---- C:\WINDOWS\system32\Drivers
2016-01-13 14:57:02 ----D---- C:\WINDOWS\CbsTemp
2016-01-13 14:56:47 ----D---- C:\ProgramData\Microsoft Help
2016-01-13 14:53:18 ----A---- C:\WINDOWS\win.ini
2016-01-13 14:48:49 ----D---- C:\WINDOWS\system32\MRT
2016-01-13 14:43:24 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-13 10:58:27 ----D---- C:\Program Files\CCleaner
2016-01-12 10:00:02 ----HD---- C:\Program Files\WindowsApps
2016-01-09 10:43:43 ----D---- C:\WINDOWS\system32\catroot2
2016-01-05 21:04:40 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2014-10-10 190368]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2014-10-10 51288]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 138584]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2014-10-10 191928]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2014-10-10 135296]
R1 EpfwLWF;@oem8.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2014-10-10 37928]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2014-10-10 176448]
R3 dtlitescsibus;@oem11.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-03-09 25104]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 L1E;@netl1e86.inf,%L1E.Service.DispName%;Ovladač miniportu NDIS pro adaptér Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1E62x86.sys [2013-06-18 55296]
R3 MTsensor;@oem1.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-08-19 10681176]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 USBAAPL;@oem17.inf,%USBAAPL.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-10-29 37888]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2015-10-10 62976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 aotech;aotech; C:\Program Files\aotech\aotech.exe [2016-01-22 383488]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 ApplicationHosting;ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe [2016-01-22 540160]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
R2 dlohn;dlohn; C:\ProgramData\\dlohn\\dlohn.exe [2016-01-23 540160]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2014-10-01 1349576]
R2 Medlight;Medlight; C:\ProgramData\\Medlight\\Medlight.exe [2016-01-22 540160]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-07-02 670552]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-06-18 5495056]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-26 1032464]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2015-12-18 2104840]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 23 led 2016 20:00

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

ave007 · #3 Příspěvek od **ave007** » 23 led 2016 21:07

# AdwCleaner v5.030 - Logfile created 23/01/2016 at 20:59:49
# Updated 17/01/2016 by Xplode
# Database : 2016-01-19.2 [Server]
# Operating system : Windows 8.1 Pro (x86)
# Username : Sir Kubíno V - USER-PC
# Running from : C:\Users\Sir Kubíno V\Desktop\adwcleaner_5.030.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : ApplicationHosting
[-] Service Deleted : Medlight

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\ApplicationHosting
[-] Folder Deleted : C:\ProgramData\Medlight
[-] Folder Deleted : C:\ProgramData\Medlights
[-] Folder Deleted : C:\Users\Sir Kubíno V\AppData\Roaming\BitLord
[-] Folder Deleted : C:\Users\Sir Kubíno V\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
[-] Folder Deleted : C:\Users\Sir Kubíno V\Documents\BitLord

***** [ Files ] *****

[-] File Deleted : C:\Users\Sir Kubíno V\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.safefinder.com_0.localstorage
[-] File Deleted : C:\Users\Sir Kubíno V\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.safefinder.com_0.localstorage-journal
[-] File Deleted : C:\WINDOWS\system32\findit.xml

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : snp

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Stpro.exe
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKLM\SOFTWARE\downchecker
[-] Key Deleted : HKLM\SOFTWARE\mtMedlight
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch

***** [ Web browsers ] *****

[-] [C:\Users\Sir Kubíno V\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcgnigmofekcllgbiejhmigggmgehkip

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2388 bytes] ##########

#4 Příspěvek od **Rudy** » 23 led 2016 21:20

Dejte nový log RSIT.

ave007 · #5 Příspěvek od **ave007** » 23 led 2016 21:25

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sir Kubíno V at 2016-01-23 21:24:42
Microsoft Windows 8.1 Pro
System drive C: has 406 GB (85%) free of 477 GB
Total RAM: 3327 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:24:48, on 23. 1. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal

Running processes:
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\GWX\GWX.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Sir Kubíno V\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Sir Kubíno V.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuBUpGX7jkIirVp0281FsmaKDCol3xk6OctmtM3BbMtQK7ybrV1e79qaBQmYHTsuuz1fd2opgwZnWl1x4t1rTMMqw7xz9g,,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 111.248.193.27:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\ProgramData\dlohn\TechIt.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: aotech - Unknown owner - C:\Program Files\aotech\aotech.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: dlohn - Unknown owner - C:\ProgramData\\dlohn\\dlohn.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

--
End of file - 8518 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d040a6fc425f51.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0907dc3042f9.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0bfa2434d2d7e.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0e18657715e98.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0f1e533b88f37.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d12e132d09f00b.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfa245a19e1c.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0e18657d31f02.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-11-10 1731800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-19 1795872]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5088456]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-26 4556048]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-09-16 6495144]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-12-17 50378880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\dlohn\TechIt.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-23 20:56:33 ----D---- C:\AdwCleaner
2016-01-23 18:43:14 ----D---- C:\rsit
2016-01-23 17:38:20 ----D---- C:\ProgramData\dlohns
2016-01-23 17:38:05 ----D---- C:\ProgramData\dlohn
2016-01-22 13:02:24 ----D---- C:\Users\Sir Kubíno V\AppData\Roaming\Mozilla
2016-01-22 13:00:10 ----D---- C:\Program Files\Common Files\Spanlax
2016-01-22 13:00:04 ----D---- C:\Program Files\endax
2016-01-22 12:57:37 ----D---- C:\Program Files\aotech
2016-01-22 12:57:33 ----D---- C:\Program Files\Seznam.cz
2016-01-22 12:57:10 ----D---- C:\Users\Sir Kubíno V\AppData\Roaming\Seznam.cz
2016-01-13 11:23:11 ----A---- C:\WINDOWS\system32\devinv.dll
2016-01-13 11:23:11 ----A---- C:\WINDOWS\system32\aepic.dll
2016-01-13 11:23:11 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-01-13 11:23:10 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 11:23:10 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 11:23:10 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\quartz.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\evr.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 11:23:07 ----AC---- C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\mfps.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\devenum.dll
2016-01-13 11:23:05 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-01-13 11:23:04 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-01-13 11:23:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 11:23:02 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\schannel.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\ncrypt.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 11:22:52 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-01-13 11:22:35 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-01-13 11:22:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-01-13 11:22:33 ----A---- C:\WINDOWS\system32\wininet.dll
2016-01-13 11:22:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\jscript.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\qedit.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\acmigration.dll

======List of files/folders modified in the last 1 month======

2016-01-23 21:24:47 ----D---- C:\Program Files\trend micro
2016-01-23 21:24:39 ----D---- C:\WINDOWS\Temp
2016-01-23 21:14:40 ----D---- C:\WINDOWS\AppReadiness
2016-01-23 21:07:34 ----D---- C:\WINDOWS\Prefetch
2016-01-23 21:02:53 ----D---- C:\WINDOWS\system32\Tasks
2016-01-23 21:02:44 ----D---- C:\Users\Sir Kubíno V\AppData\Roaming\Skype
2016-01-23 21:01:22 ----D---- C:\ProgramData\NVIDIA
2016-01-23 21:00:00 ----D---- C:\WINDOWS\system32\sru
2016-01-23 20:59:50 ----RD---- C:\WINDOWS\System32
2016-01-23 20:59:49 ----HD---- C:\ProgramData
2016-01-23 18:56:51 ----D---- C:\ProgramData\Origin
2016-01-23 18:38:40 ----D---- C:\Program Files\Opera
2016-01-23 18:29:17 ----D---- C:\WINDOWS\SoftwareDistribution
2016-01-23 18:29:17 ----D---- C:\Windows
2016-01-23 18:29:12 ----D---- C:\WINDOWS\inf
2016-01-23 18:27:55 ----RD---- C:\Program Files
2016-01-23 18:25:03 ----D---- C:\WINDOWS\debug
2016-01-22 12:57:15 ----RSD---- C:\WINDOWS\assembly
2016-01-22 11:52:22 ----D---- C:\WINDOWS\Microsoft.NET
2016-01-22 08:15:00 ----SHD---- C:\System Volume Information
2016-01-20 11:50:08 ----D---- C:\WINDOWS\system32\config
2016-01-16 20:11:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-15 21:46:13 ----D---- C:\WINDOWS\rescache
2016-01-14 14:05:56 ----D---- C:\WINDOWS\system32\DriverStore
2016-01-14 10:56:51 ----SHD---- C:\WINDOWS\Installer
2016-01-14 10:40:40 ----D---- C:\WINDOWS\WinSxS
2016-01-14 10:40:39 ----RD---- C:\Program Files\Skype
2016-01-13 19:07:17 ----SD---- C:\WINDOWS\system32\CompatTel
2016-01-13 19:07:17 ----D---- C:\WINDOWS\system32\appraiser
2016-01-13 19:07:17 ----D---- C:\WINDOWS\apppatch
2016-01-13 19:07:16 ----D---- C:\WINDOWS\system32\Drivers
2016-01-13 14:57:02 ----D---- C:\WINDOWS\CbsTemp
2016-01-13 14:56:47 ----D---- C:\ProgramData\Microsoft Help
2016-01-13 14:53:18 ----A---- C:\WINDOWS\win.ini
2016-01-13 14:48:49 ----D---- C:\WINDOWS\system32\MRT
2016-01-13 14:43:24 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-13 10:58:27 ----D---- C:\Program Files\CCleaner
2016-01-12 10:00:02 ----HD---- C:\Program Files\WindowsApps
2016-01-09 10:43:43 ----D---- C:\WINDOWS\system32\catroot2
2016-01-05 21:04:40 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2014-10-10 190368]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2014-10-10 51288]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 138584]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2014-10-10 191928]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2014-10-10 135296]
R1 EpfwLWF;@oem8.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2014-10-10 37928]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2014-10-10 176448]
R3 dtlitescsibus;@oem11.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-03-09 25104]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 L1E;@netl1e86.inf,%L1E.Service.DispName%;Ovladač miniportu NDIS pro adaptér Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1E62x86.sys [2013-06-18 55296]
R3 MTsensor;@oem1.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-08-19 10681176]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 USBAAPL;@oem17.inf,%USBAAPL.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-10-29 37888]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2015-10-10 62976]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\WINDOWS\System32\drivers\WUDFRd.sys [2014-10-29 190976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 aotech;aotech; C:\Program Files\aotech\aotech.exe [2016-01-22 383488]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
R2 dlohn;dlohn; C:\ProgramData\\dlohn\\dlohn.exe [2016-01-23 540160]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2014-10-01 1349576]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-07-02 670552]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-06-18 5495056]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-26 1032464]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2015-12-18 2104840]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 23 led 2016 22:32

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files\Skype\Toolbars
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d040a6fc425f51.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0907dc3042f9.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0bfa2434d2d7e.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0e18657715e98.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0f1e533b88f37.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d12e132d09f00b.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfa245a19e1c.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0e18657d31f02.job
C:\ProgramData\\dlohn

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

:services
c2cautoupdatesvc
c2cpnrsvc
dlohn

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

ave007 · #7 Příspěvek od **ave007** » 23 led 2016 22:40

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sir Kubíno V at 2016-01-23 22:39:33
Microsoft Windows 8.1 Pro
System drive C: has 406 GB (85%) free of 477 GB
Total RAM: 3327 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:39:41, on 23. 1. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\GWX\GWX.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Sir Kubíno V\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Sir Kubíno V.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuBUpGX7jkIirVp0281FsmaKDCol3xk6OctmtM3BbMtQK7ybrV1e79qaBQmYHTsuuz1fd2opgwZnWl1x4t1rTMMqw7xz9g,,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 111.248.193.27:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\ProgramData\dlohn\Hatsing.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: aotech - Unknown owner - C:\Program Files\aotech\aotech.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: dlohn - Unknown owner - C:\ProgramData\\dlohn\\dlohn.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

--
End of file - 8740 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-11-10 1731800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-19 1795872]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5088456]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-26 4556048]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-09-16 6495144]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-12-17 50378880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\dlohn\Hatsing.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-23 22:34:58 ----D---- C:\_OTM
2016-01-23 20:56:33 ----D---- C:\AdwCleaner
2016-01-23 18:43:14 ----D---- C:\rsit
2016-01-23 17:38:20 ----D---- C:\ProgramData\dlohns
2016-01-23 17:38:05 ----D---- C:\ProgramData\dlohn
2016-01-22 13:02:24 ----D---- C:\Users\Sir Kubíno V\AppData\Roaming\Mozilla
2016-01-22 13:00:10 ----D---- C:\Program Files\Common Files\Spanlax
2016-01-22 13:00:04 ----D---- C:\Program Files\endax
2016-01-22 12:57:37 ----D---- C:\Program Files\aotech
2016-01-22 12:57:33 ----D---- C:\Program Files\Seznam.cz
2016-01-22 12:57:10 ----D---- C:\Users\Sir Kubíno V\AppData\Roaming\Seznam.cz
2016-01-13 11:23:11 ----A---- C:\WINDOWS\system32\devinv.dll
2016-01-13 11:23:11 ----A---- C:\WINDOWS\system32\aepic.dll
2016-01-13 11:23:11 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-01-13 11:23:10 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 11:23:10 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 11:23:10 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 11:23:09 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\quartz.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\evr.dll
2016-01-13 11:23:08 ----A---- C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 11:23:07 ----AC---- C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\mfps.dll
2016-01-13 11:23:07 ----A---- C:\WINDOWS\system32\devenum.dll
2016-01-13 11:23:05 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-01-13 11:23:04 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-01-13 11:23:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 11:23:02 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\schannel.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\ncrypt.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-01-13 11:22:53 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 11:22:52 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-01-13 11:22:35 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-01-13 11:22:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-01-13 11:22:33 ----A---- C:\WINDOWS\system32\wininet.dll
2016-01-13 11:22:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\jscript.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-01-13 11:22:32 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\qedit.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-01-13 11:22:19 ----A---- C:\WINDOWS\system32\acmigration.dll

======List of files/folders modified in the last 1 month======

2016-01-23 22:39:41 ----D---- C:\Program Files\trend micro
2016-01-23 22:38:47 ----D---- C:\WINDOWS\Temp
2016-01-23 22:38:32 ----D---- C:\WINDOWS\Prefetch
2016-01-23 22:38:08 ----D---- C:\WINDOWS\system32\Tasks
2016-01-23 22:38:02 ----RD---- C:\WINDOWS\System32
2016-01-23 22:37:44 ----D---- C:\Users\Sir Kubíno V\AppData\Roaming\Skype
2016-01-23 22:36:21 ----D---- C:\ProgramData\NVIDIA
2016-01-23 22:35:00 ----D---- C:\WINDOWS\Tasks
2016-01-23 22:34:59 ----RD---- C:\Program Files\Skype
2016-01-23 22:00:00 ----D---- C:\WINDOWS\system32\sru
2016-01-23 21:31:35 ----D---- C:\WINDOWS\debug
2016-01-23 21:14:40 ----D---- C:\WINDOWS\AppReadiness
2016-01-23 20:59:49 ----HD---- C:\ProgramData
2016-01-23 18:56:51 ----D---- C:\ProgramData\Origin
2016-01-23 18:38:40 ----D---- C:\Program Files\Opera
2016-01-23 18:29:17 ----D---- C:\WINDOWS\SoftwareDistribution
2016-01-23 18:29:17 ----D---- C:\Windows
2016-01-23 18:29:12 ----D---- C:\WINDOWS\inf
2016-01-23 18:27:55 ----RD---- C:\Program Files
2016-01-22 12:57:15 ----RSD---- C:\WINDOWS\assembly
2016-01-22 11:52:22 ----D---- C:\WINDOWS\Microsoft.NET
2016-01-22 08:15:00 ----SHD---- C:\System Volume Information
2016-01-20 11:50:08 ----D---- C:\WINDOWS\system32\config
2016-01-16 20:11:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-15 21:46:13 ----D---- C:\WINDOWS\rescache
2016-01-14 14:05:56 ----D---- C:\WINDOWS\system32\DriverStore
2016-01-14 10:56:51 ----SHD---- C:\WINDOWS\Installer
2016-01-14 10:40:40 ----D---- C:\WINDOWS\WinSxS
2016-01-13 19:07:17 ----SD---- C:\WINDOWS\system32\CompatTel
2016-01-13 19:07:17 ----D---- C:\WINDOWS\system32\appraiser
2016-01-13 19:07:17 ----D---- C:\WINDOWS\apppatch
2016-01-13 19:07:16 ----D---- C:\WINDOWS\system32\Drivers
2016-01-13 14:57:02 ----D---- C:\WINDOWS\CbsTemp
2016-01-13 14:56:47 ----D---- C:\ProgramData\Microsoft Help
2016-01-13 14:53:18 ----A---- C:\WINDOWS\win.ini
2016-01-13 14:48:49 ----D---- C:\WINDOWS\system32\MRT
2016-01-13 14:43:24 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-13 10:58:27 ----D---- C:\Program Files\CCleaner
2016-01-12 10:00:02 ----HD---- C:\Program Files\WindowsApps
2016-01-09 10:43:43 ----D---- C:\WINDOWS\system32\catroot2
2016-01-05 21:04:40 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2014-10-10 190368]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2014-10-10 51288]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 138584]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2014-10-10 191928]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2014-10-10 135296]
R1 EpfwLWF;@oem8.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2014-10-10 37928]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2014-10-10 176448]
R3 dtlitescsibus;@oem11.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-03-09 25104]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 L1E;@netl1e86.inf,%L1E.Service.DispName%;Ovladač miniportu NDIS pro adaptér Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1E62x86.sys [2013-06-18 55296]
R3 MTsensor;@oem1.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-08-19 10681176]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 USBAAPL;@oem17.inf,%USBAAPL.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-10-29 37888]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2015-10-10 62976]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\WINDOWS\System32\drivers\WUDFRd.sys [2014-10-29 190976]
S3 WUDFWpdFs;WUDFWpdFs; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2014-10-29 190976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 aotech;aotech; C:\Program Files\aotech\aotech.exe [2016-01-22 383488]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
R2 dlohn;dlohn; C:\ProgramData\\dlohn\\dlohn.exe [2016-01-23 540160]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2014-10-01 1349576]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-07-02 670552]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-06-18 5495056]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-26 1032464]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2015-12-18 2104840]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 23 led 2016 22:44

Dvouklikem na soubor C:\Program Files\trend micro\Sir Kubíno V.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... g9Xig,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... g9Xig,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... g9Xig,,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F. ... MMqw7xz9g,,
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... g9Xig,,&q={searchTerms}
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

ave007 · #9 Příspěvek od **ave007** » 23 led 2016 23:00

Hotovo.
Mám ale velký problém s Antivirusem ESET Smart Security.
Všechny stránky hlásí jako Virus. Všude možně se objevují reklamy, a falešné stránky nabízející se opravit "můj problém" stažením nějakého souboru

ave007 · #10 Příspěvek od **ave007** » 23 led 2016 23:04

ave007 · #11 Příspěvek od **ave007** » 23 led 2016 23:08

#12 Příspěvek od **Rudy** » 24 led 2016 11:13

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

ave007 · #13 Příspěvek od **ave007** » 24 led 2016 17:28

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24. 1. 2016
Čas skenování: 17:17
Protokol: viry_seznm.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.01.24.04
Databáze rootkitů: v2016.01.20.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x86
Souborový systém: NTFS
Uživatel: Sir Kubíno V

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 380222
Uplynulý čas: 10 min, 7 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 4
PUP.Optional.Amonetize, C:\Program Files\aotech\aotech.exe, 1692, , [fc787bc24f4a26104c04b12b669be917]
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\dlohn\dlohn.exe, 1848, , [433153ea8118bd79398907c7c73a837d]
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\dlohn\dlohn.exe, 2836, , [433153ea8118bd79398907c7c73a837d]
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aea\amdide.exe, 2896, , [0c68cd70e8b171c5cc83994354adf10f]

Moduly: 2
PUP.Optional.Linkury, C:\ProgramData\dlohn\Hatsing.dll, , [066eac9149500432e18401d3877ab14f],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Hatsing.dll, , [066eac9149500432e18401d3877ab14f],

Klíče registru: 16
PUP.Optional.Amonetize, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\aotech, , [fc787bc24f4a26104c04b12b669be917],
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DLOHN.EXE, , [433153ea8118bd79398907c7c73a837d],
PUP.Optional.DownChecker, HKLM\SOFTWARE\downchecker, , [2351a499e3b681b5d4e412ccb34fcd33],
PUP.Optional.Linkury, HKLM\SOFTWARE\mtApService, , [690ba994c3d647ef327b2e0b61a3a957],
PUP.Optional.Linkury, HKLM\SOFTWARE\mtdlohn, , [2b49e855a2f740f6227eff3ba460728e],
PUP.Optional.WikiSearchMe, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\fcgnigmofekcllgbiejhmigggmgehkip, , [c4b047f62b6e7eb8dde2e9136f9420e0],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\TRACING\dlohn_RASAPI32, , [fa7a6fce30693ff74f5013273dc729d7],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\TRACING\dlohn_RASMANCS, , [413319243c5d58dea5fa72c8f4108d73],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, , [f38150edb6e37bbb030be3182cd717e9],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, , [bdb767d6316852e4520ad0096c9615eb],
PUP.Optional.SoftwareUpdater, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SrvUpd4terExe, , [2d47a09d2b6e70c688b4fc02a65d37c9],
PUP.Optional.Linkury, HKU\S-1-5-21-3244112132-2280665113-3797570292-1004\SOFTWARE\mtdlohn, , [086cf9448316c27456472d0dba4a6799],
PUP.Optional.TidyNetwork, HKU\S-1-5-21-3244112132-2280665113-3797570292-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\DRAGDROP\{70BC1CDB-0744-4172-BDA0-B5A487D00C3A}, , [0272d5685f3af541ea886c804db6ac54],
PUP.Optional.TNT, HKU\S-1-5-21-3244112132-2280665113-3797570292-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}, , [52224fee0594f5411389f7f5fc07f010],
PUP.Optional.TNT, HKU\S-1-5-21-3244112132-2280665113-3797570292-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C3079081-3331-4652-889F-E1051571BA0B}, , [b6be27161782df57c7d67d6ff50e9e62],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dlohn, , [4a2a3a03fa9f0e28419d3c99fc0648b8],

Hodnoty registru: 6
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}, , [c7ad0538376288ae14c1921b6d96f50b]
PUP.Optional.Linkury, HKU\S-1-5-21-3244112132-2280665113-3797570292-1004\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFRec&co=CZ&userid=557f2b67-deb7-8acb-e4f5-8902fc592881&searchtype=sc&installDate=23., , [6c0838059bfe2115087aa72a19ea8d73]
PUP.Optional.Linkury, HKU\S-1-5-21-3244112132-2280665113-3797570292-1004\ENVIRONMENT|SNF, C:\ProgramData\dlohns\snp.sc, , [ed8753eabddc0d294d34ebe618ebe818]
PUP.Optional.TNT, HKU\S-1-5-21-3244112132-2280665113-3797570292-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}|AppName, TNT2User.exe, , [52224fee0594f5411389f7f5fc07f010]
PUP.Optional.TNT, HKU\S-1-5-21-3244112132-2280665113-3797570292-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C3079081-3331-4652-889F-E1051571BA0B}|OSDFileURL, file:///C:/Users/Sir Kubíno V/AppData/Local/TNT2/Profiles/11147/yah11147.xml, , [b6be27161782df57c7d67d6ff50e9e62]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3244112132-2280665113-3797570292-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlZOM-BCxEbTY1kuKBUC9TUD03JNUO1H8zTqpsBJ3KSoiV5upp8CYc6UNMukg6_OcuwH7I11B9YkjY7pqRPW3lCldxEDz2C0x9hb2UOehmAAdaRrlNWaLOh_q35nhZyIPodeOumOOpI1NW8H6dExb5EKhg9Xig,,&q={searchTerms}, , [f57fb885c4d575c106cc3b72dd260ff1]

Data registru: 2
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\dlohn\Hatsing.dll, Dobré: (), Špatné: (C:\ProgramData\dlohn\Hatsing.dll),,[066eac9149500432e18401d3877ab14f]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[e98b48f58514ce687c6707b9966edd23]

Složky: 14
PUP.Optional.Amonetize, C:\Program Files\aotech, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\31586515-e9c8-4c67-824f-fafbb85227ee, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\366ccf88-3da6-4dd1-bad1-8a9f116dcf71, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\bef0f1c8-8649-47cd-839c-7a0272fd4125, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aea, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aeade-DE, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aeafr, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aeait, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aeazh-CN, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Linkury, C:\ProgramData\dlohn, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\ondemand, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\temp, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohns, , [5e1689b48118b680c41bd401b54d3ec2],

Soubory: 51
PUP.Optional.Amonetize, C:\Program Files\aotech\aotech.exe, , [fc787bc24f4a26104c04b12b669be917],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\dlohn\dlohn.exe, , [433153ea8118bd79398907c7c73a837d],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aea\amdide.exe, , [0c68cd70e8b171c5cc83994354adf10f],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Hatsing.dll, , [066eac9149500432e18401d3877ab14f],
PUP.Optional.Linkury, C:\ProgramData\dlohn\BioSildax.exe, , [5c18c57835642214ef777c58cd3447b9],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Triotech.exe, , [c1b3300d633683b3fa6a6a6a7c8555ab],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Trustair.dll, , [bfb5e459ddbc25119a8b9a3b01004db3],
PUP.Optional.OpenCandy, C:\Users\Sir Kubíno V\Downloads\DTLite4454-0316.exe, , [8aeab18ccccd48ee8a738b4c15efca36],
PUP.Optional.DownLoadAdmin, C:\Users\Sir Kubíno V\Downloads\installer_omnipage_professional_15_English.exe, , [e4900e2f9bfe1224f9d5ec3e29d7e41c],
PUP.Optional.SafeFinder, C:\Users\Sir Kubíno V\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage, , [ed87ac919702fc3a3df2508b10f2e818],
PUP.Optional.SafeFinder, C:\Users\Sir Kubíno V\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage-journal, , [d3a14eef2d6cbd797ab52eadbc46dd23],
PUP.Optional.Amonetize, C:\Program Files\aotech\config.conf, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\aotech.exe.config, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\31586515-e9c8-4c67-824f-fafbb85227ee\Jackson.exe, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\31586515-e9c8-4c67-824f-fafbb85227ee\xtc.exe, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\31586515-e9c8-4c67-824f-fafbb85227ee\xtc.exe.config, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\366ccf88-3da6-4dd1-bad1-8a9f116dcf71\run.exe, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\366ccf88-3da6-4dd1-bad1-8a9f116dcf71\run.exe.config, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\bef0f1c8-8649-47cd-839c-7a0272fd4125\file.exe.config, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\bef0f1c8-8649-47cd-839c-7a0272fd4125\Interop.IWshRuntimeLibrary.dll, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\bef0f1c8-8649-47cd-839c-7a0272fd4125\start.exe, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\bef0f1c8-8649-47cd-839c-7a0272fd4125\start.exe.config, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aea\amdide.exe.config, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aea\conf.db, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aea\config.conf, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aeade-DE\Microsoft.Win32.TaskScheduler.resources.dll, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aeafr\Microsoft.Win32.TaskScheduler.resources.dll, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aeait\Microsoft.Win32.TaskScheduler.resources.dll, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Amonetize, C:\Program Files\aotech\packages\f698cebb-4272-4aa9-9866-b4135c4f6aeazh-CN\Microsoft.Win32.TaskScheduler.resources.dll, , [a5cf122b683194a2020fda6470946d93],
PUP.Optional.Linkury, C:\ProgramData\dlohn\PrxCfg.xml, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\BioSildax.exe.config, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\conf.config, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Config.xml, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\confpro.config, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\dlohn.d.dat, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\dlohn.dat, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Faseis.dat, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Geo-La.bin, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Hotphase.bin, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\md.xml, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Opesoft.bin, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Round-Ity.dat, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Silver-Ex.bin, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\SubLight.bin, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Tresphase.bin, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Triotech.exe.config, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\uninstall.dat, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohn\Ventoin.bin, , [4a2a3a03fa9f0e28419d3c99fc0648b8],
PUP.Optional.Linkury, C:\ProgramData\dlohns\ff.HP, , [5e1689b48118b680c41bd401b54d3ec2],
PUP.Optional.Linkury, C:\ProgramData\dlohns\ff.NT, , [5e1689b48118b680c41bd401b54d3ec2],
PUP.Optional.Linkury, C:\ProgramData\dlohns\snp.sc, , [5e1689b48118b680c41bd401b54d3ec2],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#14 Příspěvek od **Rudy** » 24 led 2016 17:56

Všechny nálezy smažte.

ave007 · #15 Příspěvek od **ave007** » 24 led 2016 18:04

Hotovo.

VIRY.CZ

search.safefinder.com a podobná havěť v mém PC :(

search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(

Re: search.safefinder.com a podobná havěť v mém PC :(